I agree and this is what we are trying to accomplish when we recommend a safe browsing mode -----Original Message----- From: public-wsc-wg-request@w3.org [mailto:public-wsc-wg-request@w3.org] On Behalf Of Mike Beltzner Sent: Friday, February 09, 2007 9:04 AM To: public-wsc-wg@w3.org Cc: dan.schutzer@fstc.org Subject: Re: One laptop per child project security model. It seems to me that what OLPC is doing is very similar to what Tyler's group is doing at HP with their Polarized applications. I definitely think that our goal should be to figure out ways to protect users without asking questions. Sandboxing connections, not allowing one context to reach another, generally assuming that web pages don't need access to each other's data -- all great starts. Where it doesn't help us is with attacks that use spoofing and identity fraud; but there are still lessons to be learned here, such as avoiding dialogs wherever possible, focusing on user task, and trying to make smart choices on the user's behalf so they don't have the ability to shoot themselves in the foot. cheers, mikeReceived on Sunday, 11 February 2007 12:14:04 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 5 February 2008 03:52:45 GMT